CrowdStrike Falcon Endpoint Protection Platform Features

Lets users group and organize their endpoints to gather threat intelligence on specific technologies.

Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.

The process in which users integrate their existing security systems and endpoints to the threat intelligence platform.

A feature that allows security testing and information gathering to occur in a secure, resource independent environment.

Prior to security incidents, the product will alert users when a new, relevant vulnerability or threat is discovered.

Provides multiple techniques and information sources to alert users of malware occurrences.

The ability for users to produce reports outlining detailed and personalized threat information

Analysis for users to examine threat intelligence data specific to their endpoint devices.

The product has a recurring examination process to update your intelligence reports as new threats emerge.

The ability to examine your application, website, or database's code to uncover zero-day vulnerabilities.

Documents the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.

Keeps records of each network asset and its activity. Discovers new assets accessing the network.

Provides security information and stores the data in a secure repository for reference.

Alerts users of incidents and allows users to intervene manually or triggers an automated response.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Documents cases of abnormal activity and compromised systems.

Stores information related to common threats and how to resolve them once incidents occur.

Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised.

Allows users to customize analytics with granulized metrics that are pertinent to your specific resources.

Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents.

Monitors assets and enforces security policies to audit assets and infrastructure security.

Filters websites and manages whitelisting to enforce compliance protocols for users accessing the internet within the network.

Blocks endpoint users from accessing restricted applications.

Keeps records of each network asset and its activity. Discovers new assets accessing the network.

Manages user network accessibility on laptops and mobile devices.

Cuts off network connection or temporarily inactivate applications until incidents are remedied.

Protects endpoint devices from a variety of attacks and malware threats.

Analysis for users to examine threat intelligence data specific to their endpoint devices.

Provides multiple techniques and information sources to alert users of malware occurrences.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators.

Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators.

Provide insights into why trends are occurring and what issues could be related.

Monitors, records, and logs both real-time and post-event activity.

Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Monitors the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.

How satisfied are you with this app/integration in the ServiceNow ecosystem?

How valuable is it to be able to use this product with ServiceNow?

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Facilitates the proactive search for emerging threats as they target servers, endpoints, and networks.

Allows administrators to set rules specified to detect issues related to issues such as sensitive data misuse, system misconfiguration, lateral movement, and/or non-compliance.

Constantly monitors system to detect anomalies in real time.

Allows for customized support for hybrid environments

Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.

Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.

Stores information related to common threats and how to resolve them once incidents occur.

Facilitates Artificial Intelligence (AI) such as Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.

Collects information from multiple sources to cross reference and build contextual to correlate intelligence.

Investigate identity threats with contextual user information.

Monitor & detect malicous identity and privileges activity

Identify identity-related misconfigurations.

Offers integrations to identity store providers.

Provide full coverage of identity estate with granular detail.

Remove unauthorized accounts and excessive privileges

Provides full audit trail with notifications, ticketing, and compliance information.

Provides 24/7 support to customers with technical questions.

Proactively sends reports or alerts to customers.

Lets users detect and block applications that are not a security threat.

Proactively hunts threats.

Provides rapid reponse time to cyber threats.

Provides the ability to customize reports.

Offers MDR as a service.

Ability to automatically neutralize or eliminate active vulnerabilities.

Ability to automatically investigate networks and endpoints for threats.

Utilizes AI agents for detection and response tasks.

Allows users to generate text based on a text prompt.

Condenses long documents or text into a brief summary.

Condenses long documents or text into a brief summary.

Condenses long documents or text into a brief summary.

Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.

Use AI to automatically create detection rules based on observed patterns.

Use AI to produce concise summaries of complex threat reports or alerts.

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Works across multiple software systems or databases

Anticipates needs and offers suggestions without prompting

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Works across multiple software systems or databases

Offers managed detection and response services.

Offers managed detection and response services.